Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiLAN Cloud User Guide

    Home FortiLAN Cloud 23.1.0 FortiLAN Cloud User Guide
    23.1.0
    24.2.0
    24.1.0
    23.4.0
    23.3.0
    23.2.0
    23.1.0
    22.4.0
    22.3.0

    Security

    Security

    The following security features can be configured in the SSID.

    Application control

    FortiLAN Cloud allows you to configure UTP on FortiAP endpoints (for supported models) to detect traffic in specific categories generated by a large number of applications. You can specify what action to take with the application traffic; allow, monitor, or block. Application control supports traffic detection using the HTTP protocol and uses deep application inspections to detect traffic for better control and coverage. You can select specific application signatures in the supported categories to configure and override the action set generally for all categories.

    Web Access

    You can control access to web content by blocking web pages containing specific words or patterns. The web access feature scans the content of every web page that is accepted by a security policy. You can use the following multiple web content filter lists.

    • Allow General Interest Sites Only
    • Allow General Interest Sites and Bandwidth Consuming Sites
    • Allow All Sites except Security Risk
    • Advanced Configuration

    In advanced configuration, you can configure the action to be taken for web pages of specific categories. You can also specify words, phrases, patterns, wildcards and Perl regular expressions to match content on web pages.

    Block Botnet

    FortiLAN Cloud allows you to enable botnet monitoring and blocking across all network traffic.

    Intrusion Prevention

    Intrusion Prevention System (IPS) detects network attacks and prevents threats from compromising the network, including protected devices. You can enable protection of wireless clients from being attacked by Internet hosts and vice versa.

    IPS sensors can contain one or more IPS filters that you can configure. A filter is a collection of signature attributes, the following are the attribute groups.

    • Target
    • Severity
    • Service
    • OS
    • Application

    When selecting multiple attributes within the same group, the selections are combined by using a logical OR. When selecting multiple attributes between attribute groups, each attribute group is combined by using a logical AND.

    Once you select filters in the GUI, the filtered list of IPS signatures are displayed. Adjust your filters accordingly to construct a suitable list for your needs.

    AntiVirus

    The Antivirus feature protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content. The Antivirus database type selection depends on the network and security needs. The following protocols are inspected.

    • HTTP
    • SMTP
    • POP3
    • IMAP
    • FTP
    Previous
    Next

    Security

    Security

    The following security features can be configured in the SSID.

    Application control

    FortiLAN Cloud allows you to configure UTP on FortiAP endpoints (for supported models) to detect traffic in specific categories generated by a large number of applications. You can specify what action to take with the application traffic; allow, monitor, or block. Application control supports traffic detection using the HTTP protocol and uses deep application inspections to detect traffic for better control and coverage. You can select specific application signatures in the supported categories to configure and override the action set generally for all categories.

    Web Access

    You can control access to web content by blocking web pages containing specific words or patterns. The web access feature scans the content of every web page that is accepted by a security policy. You can use the following multiple web content filter lists.

    • Allow General Interest Sites Only
    • Allow General Interest Sites and Bandwidth Consuming Sites
    • Allow All Sites except Security Risk
    • Advanced Configuration

    In advanced configuration, you can configure the action to be taken for web pages of specific categories. You can also specify words, phrases, patterns, wildcards and Perl regular expressions to match content on web pages.

    Block Botnet

    FortiLAN Cloud allows you to enable botnet monitoring and blocking across all network traffic.

    Intrusion Prevention

    Intrusion Prevention System (IPS) detects network attacks and prevents threats from compromising the network, including protected devices. You can enable protection of wireless clients from being attacked by Internet hosts and vice versa.

    IPS sensors can contain one or more IPS filters that you can configure. A filter is a collection of signature attributes, the following are the attribute groups.

    • Target
    • Severity
    • Service
    • OS
    • Application

    When selecting multiple attributes within the same group, the selections are combined by using a logical OR. When selecting multiple attributes between attribute groups, each attribute group is combined by using a logical AND.

    Once you select filters in the GUI, the filtered list of IPS signatures are displayed. Adjust your filters accordingly to construct a suitable list for your needs.

    AntiVirus

    The Antivirus feature protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content. The Antivirus database type selection depends on the network and security needs. The following protocols are inspected.

    • HTTP
    • SMTP
    • POP3
    • IMAP
    • FTP
    Previous
    Next